insights

Don’t Get Put on the SHAME LIST! ; Contribute to a Safer Web by Installing an SSL Today

Google is about to give us all a final push to defend our sensitive information starting this July (2018) with the release of Chrome 68, a new version of their free internet browser. The new version will mark all HTTP sites as “Not Secure,” according to a blog post published by Emily Schechter, Chrome security product manager. In a gradually increasing effort to ensure visitor safety and security throughout the web, Google started to mark more and more HTTP websites as “Not Secure” last January, including those asking for credit card information and passwords. Outside entities even published “Shame Lists” of websites that had not yet made the switch!

Just since last year, more than 68% of Google Chrome users on Android and Windows and more than 78% on Chrome OS and Mac now have protection through HTTPS encryption. Of course, Google aims for 100% of traffic to be protected by HTTPS encryption by default. What does this mean for you? It means that your website needs a certificate for use with SSL or TLS if it does not have one yet.

Lost in a cloud of abbreviations? Here’s what you need to know:

HTTPS (HyperText Transfer Protocol Secure) is an extension of HTTP and a certain code that two computers use to scramble the messages they send to each other so that hackers can’t intercept those messages (i.e. your CC info, passwords, etc.) and read them. An SSL is a Secure Sockets Layer and TSL means Transport Layer Security. These layers are where HTTPS uses this “crime-fighting” code. They allow private and secure transfer of data to a browser from a server. Therefore, starting in July, anyone without an SSL or TLS will be deemed “Not Secure.”

Right now, HTTPS sites show a green lock and the word “Secure” in the far left of the URL bar. While previous versions of Chrome would only alert the visitor that the site was not secure when entering data into certain fields, anyone that does not switch to HTTPS will surely turn off visitors by showing a red “i” in a circle and the words, “Not Secure.”

There are new automatic auditing tools that make migrating to HTTPS very simple, such as the audit in Lighthouse. Developers can use Lighthouse to determine which parts of your site are ready to update to HTTPS. Moving to HTTPS will also allow for new features and performance enhancements that HTTP cannot support.

In February 2018, Google reported that HTTPS was already the default for 81% of the top 100 sites. Contact Nichelabs to help you obtain your SSL in time by calling 888-978-9254 or click here to send a message.